Protecting digital documents and being able to verify that the sender of a file is, in fact, who they say they are, is fast becoming a major concern for many businesses.
Whether receiving a document from a business partner or downloading software from the Internet, the ability to verify the integrity of a file is crucial. Documents that have been tampered with, or created fraudulently, pose a serious threat. A good protection strategy is the use of a digital signature. This is a mathematical scheme for demonstrating the authenticity of a digital file.
The recipient of a document has reason to believe a known sender created it and prevents them from denying sending it, this is known as authentication and non-repudiation. Like a tamper-proof seal, it indicates that the document was not altered during delivery, its integrity was intact.
And, the sender can restrict who has access to the document. This is because digital signatures utilise public key cryptography that relies on senders and receivers having two keys, mathematically associated with each other, to encrypt messages. Each person has both a public and a private key. The sender encrypts the message with the receiver’s public key. The receiver then uses their private key to decrypt the document.
Further more digital, signatures are based on digital certificates which are verifiers of identity and issued by a trusted third party, a certification authority (CA).
Says Colin Tankard, Managing Director, Digital Pathways, “the forthcoming GDPR (General Data Protection Regulations) has put the need to identify, control and destroy sensitive data at the forefront of business owners.
“These regulations will become a key factor in every Firm’s data security compliance strategy and implementing a digital signature strategy will make protecting sensitive data much easier and, give data owners a greater sense of protection”.